Having fun with science and technology.

Microsoft to Get Malware Bailout in Germany

With the economic crisis still being in full effect, Germany wants to
throw government money at another industry giant. However, this time
it is not an ailing car manufacturer, but the software producer
Microsoft. The German Federal Office for Information
Security
(BSI) plans to team up with internet service providers (ISPs) to
establish a call center helping malware-troubled Windows users.

The project was announced
today
at the German IT summit in Stuttgart. Starting in 2010, ISPs will
track down customers with infected PCs, e.g., by looking for
communication with botnet
controllers. These customers will then be directed to a special
website offering advice on removing the malware. If this is
unsuccessful (or the site is blocked by the malware), people will get
access to a call center, where a staff of about 40 will try to fix the
problem.

This approach raises a number of concerns. First, it leaves the
software manufacturers out of the equation. Therefore, there will be
little incentive to write secure code, as the cost of additional
support will be passed (at least partly) to the government. Second, it
also discourages the users from switching to more secure
products. Both aspects can be interpreted as a direct subsidy for
Microsoft. The timing of the initiative could also not be better: last
week Microsoft's Internet Explorer, the attack vector number
one, lost its
leadership
in Germany to rival Firefox. Additionally, the plan establishes
questionable practices for IT security. Malware infections are seen as
something inevitable, which is definitely not the case.

Unfortunately, how much government money is involved is also kept
secret. SPIEGEL ONLINE
reports
that the BSI refused to disclose the costs for the project, citing
procurement regulations. However, the plans could be overthrown
anyway: chances are that such subsidies are in violation of EU laws.